How the EFF Defends You — From Easy SSL Certificate Deployment to Lawsuits Against Those Who Try to Take Away Your Digital Rights

blog post

By: Laura BernheimPosted: September 16, 2016

Follow "The Hosting Blog" daily as hosting experts, programmers, and tech managers go in depth on a variety of tech-related topics.

TL; DR: As our use of technology grows, the Electronic Frontier Foundation works to ensure people’s digital rights and freedoms are protected. The donor-funded, non-profit organization boasts more than 25,000 dues-paying members and acts on issues affecting all corners of online privacy, transparency, and innovation. Beyond taking legal action and empowering activists, the EFF creates powerful tools, such as HTTPS Everywhere, Let’s Encrypt, Certbot, and Privacy Badger, to enable individual users to protect themselves online.

After more than 15 years as a web developer and environmental and human rights activist, Bill Budington kept noticing the same problems. Whether it was unpatched hosts or outdated and expired software, many of the non-profits he worked with were highly vulnerable to cyber attacks.

Making matters worse, Bill noticed that many of the organizations weren’t able to invest the resources to follow the best practices for security.

“As much as they’d like to move from some outdated platform to something better, they wouldn’t be able to,” Bill said. “Part of my job was to let them know what some of the larger holes in their security might be and how they can actually protect themselves.”

Bill now combines those passions for activism and technology in his current role as Staff Technologist at the Electronic Frontier Foundation, a non-profit organization that champions and defends people’s rights to privacy and expression online.

Founded in 1990, the EFF influences policies and their enforcement through activism, litigation, development, and education.

Technologists and Lawyers Work Together to Fight for Digital Rights

As new issues arise, teams within the EFF discuss which projects to pursue. The organization employs about 70 people, split fairly equally among lawyers, technologists, and activists, Bill said.

Bill Budington (right) is part of an EFF team of lawyers, technologists, activists, and fundraisers based in San Francisco.

If there is a major concern or a case that might set legal precedence, EFF lawyers will file an amicus (or friend-of-the-court) brief to provide the judge with information or arguments to potentially consider in the ruling.

The EFF and 46 technology experts filed one such brief earlier in 2016 after a federal judge ordered Apple to disable security features of an iPhone connected to the suspect of the 2015 San Bernardino shootings.

“People can be remarkably uninformed or unsure about technology and privacy, so we want to contribute our expertise,” Bill said, adding that EFF technologists commonly advise lawyers on the more nuanced technologies at play.

Within the EFF’s legal team is a civil liberties team that protects citizens from the worst offenses and intrusions.

“Those are the folks that really make sure that when there are abuses happening, either with governments or new products, that something happens,” Bill said. “We may run an activist campaign, or we might take legal action.”

When Edward Snowden revealed the NSA’s surveillance program, the EFF sued the federal agency on multiple constitutional violations. The EFF often files joint litigation with organizations such as the American Civil Liberties Union “when the worst abuses happen,” Bill said.

Thousands gathered in Washington, DC, to protest the NSA surveillance program against which the EFF filed a suit.

Beyond private citizens, the EFF’s actions protect coders and researchers who might be sued or pressured by companies that don’t want them to release evidence of a security hole or privacy invasion, for example.

“We have an expert legal team that makes sure that these kinds of abuses are addressed,” Bill said. “We fight for the rights of those doing research or coding tools that will help maintain and build up the security of the Internet at large.”

More than half of the $16 million income the EFF saw in 2015 came from individual donations and matching employer donations, with other revenue coming from legal settlements and an arrangement with charity-focused online store Humble Bundle.

The EFF has a 4-star rating — the highest possible — from the watchdog organization Charity Navigator. More than 75% of the EFF’s expenses are spent on their program, with the remaining going toward fundraising and administrative costs.

Protecting Individual Privacy and Security With a Slew of Software

Think you’re browsing the Internet safely and anonymously? Most people do, according to Bill — and most people are wrong. Panopticlick, which the EFF launched in 2010, is a site that shows users how unique and trackable their browsers are.

“It basically gathers the bits of information that your browser leaves about you whenever you access a site and puts those pieces together to form a cohesive fingerprint of your browser,” Bill said. “This is used by tracking companies, even without the use of cookies, to make sure that they have your identity, and they’re able to see your browsing habits as you use the web.”

To date, more than 84% of browsers tested are uniquely identifiable. If Flash is installed, that number soars to 94%.

“This really drives home the point that users need to take concrete steps to protect their privacy online,” Bill said. “We raise the red flag with Panopticlick to show people, ‘Look how easy it is to track you as you browse the web,’ and then we provide solutions to help you protect yourself.”

Privacy Badger: Block Data-Mining Trackers with Browser Add-On

One such tool is Privacy Badger, a browser add-on that stops advertisers and third-parties from tracking your moves around the Internet.

Privacy Badger aims to give you maximum control over what advertisers can learn about your online behavior. Instead of starting with a list of known targets to block, Privacy Badger adapts as you browse by noting third-party domains that embed images, scripts, and advertising in the pages you visit.

HTTPS Everywhere and Let’s Encrypt: Find and Secure Sites More Often and Easily

The EFF started the push for encrypting web traffic in 2009 with two major programs. Bill helps maintain HTTPS Everywhere, a browser extension used by more than five million people that automatically loads the more secure HTTPS version of websites when one is available.

“Users can be assured they’re using the best security available for that website,” Bill said.

Working with Mozilla, Cisco, Akamai, and the Internet Security Research Group, the EFF also helped create the widely used Let’s Encrypt program that offers free and automated SSL certificates. In only a year of existence, Let’s Encrypt has issued more than 10 million certificates.

Certbot: Automatically Configure HTTPS on Your Server

As if Let’s Encrypt didn’t make SSL certificates easy enough, the EFF developed Certbot to automatically fetch and deploy certificates while configuring your server for HTTPS encryption.

“We’ve really helped the web with this issue of HTTPS being notoriously hard to deploy,” Bill said. “We’ve seen larger sites deploy it, but we’d like to make it easy for smaller sites to have HTTPS. We want HTTPS to be the default across the entire Internet, not the exception.”

EFF Technologists Feel the Love from Developer Community

The technologists appreciate the overwhelmingly positive feedback and gratitude they hear when traveling to conferences. As active developers themselves, Bill said they enjoy engaging with other devs around the world who report bugs or suggest new ideas.

By involving a larger group of people in the fight for Internet security, the EFF looks to grow their voice in global debates about online rights.

“It’s really great to have that feedback and feel the love,” he said. “That relationship with our members, our supporters, and the broader community at large is great when they see new issues pop up.”

Questions or Comments? Ask Laura!

Ask a question and Laura will respond to you. We strive to provide the best advice on the net and we are here to help you in any way we can.

Was this helpful? Tell Us Thanks.

Like this article on Facebook

Tweet this article on Twitter

Share this article on Google+

About the Author

Laura Bernheim

Laura Bernheim has spent more than 12 years crafting engaging and award-winning articles that share the passion behind organizations' products, people, and innovations. As a Managing Editor for HostingAdvice, she combines a reputation for producing quality content with rich technical expertise to show experienced developers how to capitalize on emerging technologies and find better ways to work with established platforms. A professional journalist, Laura has contributed to The New York Times, Sports Illustrated, the Sun Sentinel, and the world's top hosting providers. In addition to conducting interviews with industry leaders, Laura drives internal writing and design teams to deliver stellar, timely content that clearly explains even the most difficult concepts.

Disclaimer: Great efforts are made to maintain reliable data on all offers presented. However, this data is provided without warranty. Users should always check the offer provider’s official website for current terms and details. Our site receives compensation from many of the offers listed on the site. Along with key review factors, this compensation may impact how and where products appear across the site (including, for example, the order in which they appear). Our site does not include the entire universe of available offers. Editorial opinions expressed on the site are strictly our own and are not provided, endorsed, or approved by advertisers.